CVE-2020-1717
maven/org.keycloak/keycloak-server-spi-private
Information Exposure Through an Error Message
Keycloak suffers from an information disclosure through an error message. A logged in user can do an account email enumeration attack.
Version 7.0.1
Upgrade to version 8.0.0 or above.
2021-02-19
source |